<?php

/**
 * This is a utility class for accessing common HTTP request params
 * using php's request variables
 * 
 * $_GET
 * $_POST
 *
 * These methods contain the preventions from xss attacks
 */
class HTTPRequest{
	
	
	public static function getParam($name){
		
		if (isset($_GET[$name])){
			return htmlspecialchars($_GET[$name]);
			
		}else if (isset($_POST[$name])){
			
			// this is needed if the param is array,
			// ie. checkboxes with same param name
			// but different values
			if(is_array($_POST[$name])){
				$paramArray = array();
				foreach($_POST[$name] as $p){
					array_push($paramArray, htmlspecialchars($p));	
				}
				return $paramArray;
			}
			
			return htmlspecialchars($_POST[$name]);			
		}
		
		return null;
	}
}

?>
